A protocol defined in IETF RFCs 2440 and 3156 for encrypting messages and creating certificates using public key cryptography. Most mail clients do not support OpenPGP by default; instead, third-party plug-ins can be used in conjunction with the mail clients. OpenPGP uses a “web of trust” model for key management, which relies on users for management and control, making it unsuitable for medium to large implementations.

Source: NIST SP 800-45 Version 2 | Category: